Re: [PATCH] openvswitch: Fix condition check by using nla_ok()

From: Jakub Kicinski
Date: Thu Sep 16 2021 - 10:36:43 EST


On Thu, 16 Sep 2021 01:43:23 +0000 Jiasheng Jiang wrote:
> Just using 'rem > 0' might be unsafe, so it's better
> to use the nla_ok() instead.
> Because we can see from the nla_next() that
> '*remaining' might be smaller than 'totlen'. And nla_ok()
> will avoid it happening.
>
> Signed-off-by: Jiasheng Jiang <jiasheng@xxxxxxxxxxx>

Are the attributes coming from the user space here or are generated
by the kernel / were already validated? Depending on that this is
either a fix and needs to be backported or a possible cleanup.

Please repost with the explanation where attrs come from in the commit
message, and if it's indeed a bug please add a Fixes tag.

If we do need the nla_ok() we should probably also switch to
nla_for_each_attr() and nla_for_each_nested().